Which of the following are not a part of the temporal score in the CVSS? (Select all that apply.)
Options:
A. Attack Vector
B. User Interaction
C. Reporting Confidence
D. Remediation Level
Answer:
A, B
Explanation:
The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.
The temporal score in CVSS adjusts the base score of a vulnerability based on factors that change over time, such as the availability of exploits or the existence of patches.
The temporal score includes:
Remediation Level
Report Confidence
Attack Vector and User Interaction are part of the base score, not the temporal score, as they describe the fundamental characteristics of the vulnerability and do not typically change over time.
References
Common Vulnerability Scoring System v3.1: Specification Document.
"Understanding CVSS," by FIRST (Forum of Incident Response and Security Teams).
Question 21
What is the size of the AH in bits with respect to width?
Options:
A. 24
B. 43
C. 16
D. 32
Answer:
D
Explanation:
The Authentication Header (AH) in the context of IPsec has a fixed header portion of 24 bits and a mutable part that can vary. Considering the fixed structure of the AH itself, its width is typically taken to be 32 bits, the core structure for its basic operation of providing integrity and authentication without confidentiality.
References
RFC 4302, "IP Authentication Header".
Question 22
Which of the following are valid TCP flags?
Options:
A. None of these
B. IGP,ACK,SYN,PSH,URG
C. BGP,FIN,PSH,SYN,ACK
D. FIN,PSH,URG,RST,SYN
Answer:
D
Explanation:
TCP flags are used in the header of TCP segments to control the flow of data and to indicate the status of a connection. Valid TCP flags include:
FIN: Finish, used to terminate the connection.
PSH: Push, instructs the receiver to pass the data to the application immediately.
URG: Urgent, indicates that the data contained in the segment should be processed urgently.
RST: Reset, abruptly terminates the connection upon error or other conditions.
SYN: Synchronize, used during the initial handshake to establish a connection.
These flags are integral to managing the state and flow of TCP connections.
References
Douglas E. Comer, "Internetworking with TCP/IP Vol.1: Principles, Protocols, and Architecture".